Support auth cookies with : characters

The parts of a couchdb authentication cookie are separated by colons. One of these parts can contain colons and, more rarely, runs of colons. The string:tokens function silently drops any empty token, thus giving a spurious failure for valid input. The fix changes this mechanism to one that losslessly decodes this part. COUCHDB-1607
author: Robert Newson <rnewson@apache.org> 2012-11-18 19:02:07 +0000
committer: Robert Newson <rnewson@apache.org> 2012-11-18 20:46:42 +0000
commit: f391155280ccdc8f15b94bd8e5753985bd0b26e0 (patch)
tree: 92a99726bc64214106685f77556bb411d55fc29b
parent: c575248144397ee07de60a7e09683f5b44c68311 (diff)
download: couchdb-f391155280ccdc8f15b94bd8e5753985bd0b26e0.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/src/couchdb/couch_httpd_auth.erl b/src/couchdb/couch_httpd_auth.erl
index 0b4ba8f86..5226a56a6 100644
--- a/src/couchdb/couch_httpd_auth.erl
+++ b/src/couchdb/couch_httpd_auth.erl
@@ -160,7 +160,7 @@ cookie_authentication_handler(#httpd{mochi_req=MochiReq}=Req) ->
     Cookie ->
         [User, TimeStr | HashParts] = try
             AuthSession = couch_util:decodeBase64Url(Cookie),
-            [_A, _B | _Cs] = string:tokens(?b2l(AuthSession), ":")
+            [_A, _B | _Cs] = re:split(?b2l(AuthSession), ":", [{return, list}])
         catch
             _:_Error ->
                 Reason = <<"Malformed AuthSession cookie. Please clear your cookies.">>,
author	Robert Newson <rnewson@apache.org>	2012-11-18 19:02:07 +0000
committer	Robert Newson <rnewson@apache.org>	2012-11-18 20:46:42 +0000
commit	f391155280ccdc8f15b94bd8e5753985bd0b26e0 (patch)
tree	92a99726bc64214106685f77556bb411d55fc29b
parent	c575248144397ee07de60a7e09683f5b44c68311 (diff)
download	couchdb-f391155280ccdc8f15b94bd8e5753985bd0b26e0.tar.gz